CNNVD-202509-3627 Information

CNNVD ID

CNNVD-202509-3627

Related CVE

CVE-2025-10772

• CNNVD Published: 2025-09-22

Description (Chinese)

lerobot是Hugging Face开源的一个机器人编程库。 huggingface LeRobot 0.3.3及之前版本存在安全漏洞，该漏洞源于ZeroMQ Socket Handler组件缺少身份验证，可能导致本地网络内的攻击。

Description (English)

Lerobot is a robotic programming library at Hugging Face. There is a security loophole in the hugglingface LeRobot 0.3.3 and previous versions, which stems from the lack of identification of the ZeroMQ Socket Handler component, which could lead to attacks within the local network.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

慧捷通

Published

2025-09-22

Last Modified

2026-02-24

References

https://vuldb.com/?id.325128 https://vuldb.com/?submit.649798 https://vuldb.com/?ctiid.325128 https://access.redhat.com/security/cve/cve-2025-10772